本文最后更新于:December 3, 2021 pm
在WEB开发中,服务器可以为每个用户浏览器创建一个会话对象(session对象),注意:一个浏览器独占一个session对象(默认情况下)。因此,在需要保存用户数据时,服务器程序可以把用户数据写到用户浏览器独占的session中,当用户使用浏览器访问其它程序时,其它程序可以从用户的session中取出该用户的数据,为用户服务。
目录
1.Session概述
Session用于记录用户的状态。Session指的是在一段时间内,单个客户端与web服务器的一连串相关的交互过程。在一个Session中,用户可能会多次请求访问同一个资源,也有可能请求访问各种不同的服务器资源。
1.1 Session原理
- 服务器会为每一次会话分配一个Session对象。
- 同一个浏览器发起的多次请求,属于同一次会话(Session)。
- 首次使用到Session时,服务器会自动创建Session,并创建Cookie存储SessionId发送回客户端。
2.Session使用
Session作用域:拥有存储数据的空间,作业范围是一次会话有效。
- 一次会话是使用同一浏览器发送的多次请求。一旦浏览器关闭,则会话结束。
- 可以将数据存入Session中,在一次会话的任意位置进行获取。
- 可传递任何数据(基本数据类型、对象、集合、数组)。
2.1 获取Session
HttpSession session = request.getSession();
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
| package com.tothefor.sessionP;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ss")
public class SessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession httpSession = req.getSession();
System.out.println(httpSession.getId());
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
|
可以尝试多次刷新页面和把浏览器关闭完后再次访问,在控制台可以发现其Session的Id是不同的。
2.2 Session保存数据
setAttribute(属性名,Object); 保存数据到Session中。
| session.setAttribute("key","value");
|
2.3 Session获取数据
getAttribute(属性名); 获取Session中的数据。
| session.getAttribute("key");
|
2.4 Session移除数据
removeAttribute(属性名); 从Session中删除数据。
| session.removeAttribute("key");
|
2.5 示例
设置Session:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
| package com.tothefor.sessionP;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ss")
public class SessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession httpSession = req.getSession();
httpSession.setAttribute("username","loongloong");
System.out.println(httpSession.getId());
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
|
获取Session:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
| package com.tothefor.sessionP;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/gs")
public class getSession extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
String s = (String) session.getAttribute("username");
System.out.println("拿到的Session "+ s);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
|
移除Session:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
| package com.tothefor.sessionP;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/rs")
public class removeSession extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
session.removeAttribute("username");
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
|
浏览器访问顺序:ss -> gs -> rs -> gs
结果:
| 5EA82F3C98E15F679A51A0CDA3B206D9
拿到的Session loongloong
拿到的Session null
|
3.Session与Request应用区别
- request是一次请求有效,请求改变,request改变。(可以用重定向来验证,因为重定向属于至少两次请求。)
- session是一次会话有效,浏览器改变,session改变。
3.1 示例
创建:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
| package com.tothefor.sessionP;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ss")
public class SessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession httpSession = req.getSession();
httpSession.setAttribute("username","loongloong");
req.setAttribute("password","123456789");
resp.sendRedirect("/Cook_war_exploded/gs");
System.out.println(httpSession.getId());
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
|
获取:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
| package com.tothefor.sessionP;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/gs")
public class getSession extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
String s = (String) session.getAttribute("username");
String sp = (String) req.getAttribute("password");
System.out.println("拿到的Session "+ s);
System.out.println("拿到的request "+ sp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
|
执行顺序:ss -> gs
结果:
| 117F44C3098BED68DF1B14FDC5174469
拿到的Session loongloong
拿到的request null
|
表明,request的作用域只能在一次请求以内有效。通过重定向(两次请求)就无法传递数据。
4.Session的生命周期
开始是第一次使用到Session的请求而产生。而结束有多种:
- 浏览器关闭,则失效
- Session超时,则失效。session.setMaiInactiveInterval(seconds);设置最大有效时间,单位为秒。
- 手动销毁,则失效。 session.invalidate(); 用于登录退出、注销。
4.1 session.setMaiInactiveInterval(seconds)
设置:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
| package com.tothefor.sessionP;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ls1")
public class life1 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
session.setMaxInactiveInterval(10);
System.out.println(session.getId());
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
|
获取:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
| package com.tothefor.sessionP;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ls2")
public class life2 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
System.out.println(session.getId());
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
|
执行顺序:ls1 -> ls2(10s内)-> ls2(10s后)
结果:
| 9522290829E9266AC4021BF3D55B37EA
9522290829E9266AC4021BF3D55B37EA
772A0C698222A48A0A8BFF6516FCEB46
|
4.2 session.invalidate()
设置:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
| package com.tothefor.sessionP;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ls1")
public class life1 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
System.out.println(session.getId());
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
|
获取:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
| package com.tothefor.sessionP;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ls2")
public class life2 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
System.out.println(session.getId());
session.invalidate();
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
|
执行顺序:ls1 -> ls2 -> ls1
结果
| 39F75884C151F046C8C980B95869FC89
39F75884C151F046C8C980B95869FC89
39B8B8AB16E46106012957083BBE5653
|
